class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  # 当来自外网的请求时候如何处理? 现在是为外网的 js 请求重置一个 session, 避免假 session 登陆
  protect_from_forgery with: :null_session

  def index
    @todo = Todoitem.new
  end
end
